The legal profession and exemplary compliance practice for data
HTL Support specialises in providing technology solutions for the professional services sector. Perhaps above all others, the legal profession needs to demonstrate exemplary practice. Poor practice may have very serious consequences measured in a currency that exceeds the value of mere money.
Legal firms are governed by The Law Society and the Solicitor’s Regulation Authority (SRA). Both have issued guidance. Here we bring the six key requirements together and explain how HTL technology solutions enable legal firms to meet their compliance obligations.
- The General Data Protection Regulation 2016/679 (GDPR.)
The requirement:
In handling personal data solicitors must comply with the the General Data Protection Regulation 2016/679 (GDPR).
How HTL Support ensures exemplary compliance:
The data protection act applies to our business and all our systems are designed to be compliant with the Information Commissioner’s office.
- The need to protect confidential information
The requirement:
Outcome 4.1 of the SRA Code of Conduct requires firms to keep the affairs of clients confidential.
How HTL Support ensures exemplary compliance:
Thorough Non-Disclosure agreements are in place with all our clients and staff members.
- The issues of data location, model clauses and Safe Harbour
The requirement:
Firms must be aware of the eighth principle of the Data Protection Act:
“Personal data shall not be transferred to a country or territory outside the European Economic Area, unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.”
Firms must also ensure a written contract is in place with the provider, requiring providers of technology services to follow the firm’s instructions.
How HTL Support ensures exemplary compliance: All data stored on HTL Support technology solutions is held exclusively on UK data centres and data sovereignty is governed by UK/EU law.
- Compliance with SRA data access requests
The requirement:
Outcome 7.10 of the SRA Code of Conduct provides that firms must ensure they have appropriate terms in their agreements with providers to allow the SRA to have access to inspect their data.
How HTL Support ensures exemplary compliance:
When legal firms store data with HTL Support, they always own the data and retain all rights, title, and interest in it. Firms are able to download a copy of the data at any time and for any reason, and without the requirement of any assistance from us. Subsequently, firms are able to meet any SRA request to inspect data, or that of any other regulatory body, on demand.
- Quality standards for Information Security audit
The requirement:
The provider should offer audited information security that at a minimum is compliant with IS027001:2005.
How HTL Support ensures exemplary compliance:
All UK data centres used by HTL Support to provision cloud technology services are certified to ISO 27001.
- Data recovery and portability to avoid ‘lock-in’ and facilitate DR
The requirement:
Firms should also ensure that they are aware of, and satisfied with, the arrangements for:
- Frequency of back up of data
- Continuity and portability of the data in the event that the provider’s business fails or they wish to switch to another provider
How HTL Support ensures exemplary compliance:
- Data Recovery
- Full data retention, backup plans and disaster recovery plans are available to meet the specific requirement of each client in the legal sector.
- Data Portability
- Each firm owns its information and retains all rights, title, and interest in data stored with HTL Support. Firms are able to download a copy of the data at any time and for any reason, and without the requirement of any assistance from us.
Exemplary technology compliance for legal firms from HTL Support
Find out more about what our cloud solutions could do for your legal business. Contact us today to find out how we leverage the cloud to deliver greater value from your technology investment and demonstrate exemplary compliance with The Law Society and the Solicitor’s Regulation Authority (SRA) regulatory requirements.